The Microsoft Threat Intelligence team has officially confirmed that a group of threat actors known as Storm-1811 has been exploiting client management tools within its Quick Assist platform to target customers through social engineering tactics. This criminal group has been identified for installing the Black Basta Ransomware, employing vishing techniques to distribute malware such as Cobalt Strike and Qakbot, ultimately deploying the Black Basta ransomware. Microsoft, the software giant, acknowledged that these malicious activities have been ongoing since April 2024, and its security teams are actively engaged in resolving the issue while also providing timely alerts to customers.
In other news, plans for the implementation of a Cybersecurity Tax slated to commence in May of this year have been delayed due to financial challenges faced by the country. The Nigerian government had previously announced its intention to impose a security tax on all digital transactions to support its national cybersecurity program, as indicated in a statement issued in November of the preceding year. However, amidst a financial crisis exacerbated by high inflation rates, President Bola Tinubu declared the postponement of the proposed 0.5% tax levy, originally scheduled to take effect from May 6, 2024.
Santander, a prominent banking institution, has disclosed that certain user data was compromised in a cyber incident attributed to a breach at a third-party provider. This revelation came to light through a report released on May 14, 2024, revealing that both customer and employee data had been compromised.
Furthermore, Australia’s MediSecure, a digital prescription provider, fell victim to a cyber attack resulting in the exposure of sensitive information, masquerading initially as a ransomware data breach. Currently, investigations into the incident are underway, with assurances from MediSecure to provide additional details as the probe progresses. The Australian Digital Health Agency, in collaboration with the National Cyber Security team, is actively investigating the incident and working diligently to minimize risks and mitigate potential repercussions. At present, the identity of the ransomware gang responsible for the attack remains unclear.